Ever get the feeling that this is really what your business and IT customers are saying to you whenever you’re sitting in that last-minute security review and you catch them in violation of the security policies you know have been published for at least 6 months—and which they’ve had to go through (probably mind-numbing) mandatory […]
Is it worth it?
I was recently asked when I was talking to someone about the newsletter you hear about most days whether it was really worth it or not. The reality is that I can’t answer that question for you. You have to make your own value calculation, and then you have to decide if about $3/day is […]
Wisely wielding the power of organizational mind control
Yesterday, I let you in on one of the biggest secrets of security: that the primary role you have in delivering your mission and purpose of security is creating and maintaining the organizational security policies. Today, I’m going to let you in on the biggest secret of security: You have the power to control the […]
Eating your security requirements
Ok, I get it. The whole concept of Security Requirements Engineering might be just like that old Life cereal commercial I grew up with. You might remember, if you’re old like me, but there’s these two brothers, and they have a bowl of cereal. One says to the other, “What’s that?” The other looks at […]
Gimme 3 types…gimme 3 types, mister
Whether or not you’re cutting the rug with Linda Lou or shakin’ like a leaf on a tree, one thing you need to know about requirements if you’re going to have a hope of tryin’ to prove they’re the right ones you should be including into your security program is that there’s 3 types: The […]
- « Previous Page
- 1
- …
- 38
- 39
- 40
- 41
- 42
- …
- 57
- Next Page »
